{{- define "argo-values" }} argo-cd: enabled: {{ default "false" (index .Values "argo" "argo-cd" "enabled") }} {{- with index .Values "argo" "argo-cd" "configs" }} configs: {{- toYaml . | nindent 4 }} {{- end }} controller: metrics: enabled: {{ .Values.metrics.enabled }} repoServer: metrics: enabled: {{ .Values.metrics.enabled }} {{- with index .Values "argo" "argo-cd" "repoServer" }} {{- toYaml . | nindent 4 }} {{- end }} server: metrics: enabled: {{ .Values.metrics.enabled }} {{- if and ( index .Values "argo" "argo-cd" "istio" "enabled" ) .Values.istio.enabled }} istio: {{- with index .Values "argo" "argo-cd" "istio" }} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} argocd-apps: enabled: {{ default "false" (index .Values "argo" "argo-cd" "enabled") }} projects: kubezero: namespace: argocd description: KubeZero - ZeroDownTime Kubernetes Platform sourceRepos: - {{ .Values.kubezero.repoURL }} {{- with .Values.kubezero.gitSync.repoURL }} - {{ . }} {{- end }} destinations: - namespace: '*' server: https://kubernetes.default.svc clusterResourceWhitelist: - group: '*' kind: '*' applications: kubezero-git-sync: namespace: argocd project: kubezero source: repoURL: {{ .Values.kubezero.gitSync.repoURL }} targetRevision: {{ .Values.kubezero.gitSync.targetRevision }} path: {{ .Values.kubezero.gitSync.path }} directory: recurse: true destination: server: https://kubernetes.default.svc namespace: argocd syncPolicy: {{- toYaml (default dict .Values.kubezero.syncPolicy) | nindent 8 }} argocd-image-updater: enabled: {{ default "false" (index .Values "argo" "argocd-image-updater" "enabled") }} {{- with omit (index .Values "argo" "argocd-image-updater") "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} {{- if .Values.global.aws }} extraEnv: - name: AWS_ROLE_ARN value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.argocd-image-updater" - name: AWS_WEB_IDENTITY_TOKEN_FILE value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token" - name: AWS_STS_REGIONAL_ENDPOINTS value: "regional" - name: METADATA_TRIES value: "0" - name: AWS_REGION value: {{ .Values.global.aws.region }} volumes: - name: aws-token projected: sources: - serviceAccountToken: path: token expirationSeconds: 86400 audience: "sts.amazonaws.com" volumeMounts: - name: aws-token mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/" readOnly: true {{- end }} metrics: enabled: {{ .Values.metrics.enabled }} {{- end }} {{- define "argo-argo" }} {{- end }} {{ include "kubezero-app.app" . }}